Position Overview:
We are seeking a skilled and motivated IT Security Specialist to join our team. The ideal candidate will play a pivotal role in implementing and managing security architecture, ensuring compliance with security standards, and mitigating risks through effective vulnerability management. This position demands expertise in IT security tools and methodologies, a proactive approach to incident detection and resolution, and familiarity with operational security processes.
Key Responsibilities:
- Security Architecture Implementation:Develop and implement a security architecture blueprint encompassing DevSecOps, application, infrastructure, and operational security.
Define processes, provisioning, and interfaces for secure application interaction.
Provide expert recommendations on security practices and improvements.
- Access Management and Control:Manage and optimize access control processes and tools.
Oversee access management systems, ensuring secure and compliant operations.
- Vulnerability Management:Execute security vulnerability scanning activities, including HCR/NVA, Pen Testing, SAST, and DAST.
Analyze and resolve findings from security assessments and audits.
- Operational Security Management:Oversee OS and application-level patching, operational housekeeping, and archival processes.
Implement server and application hardening procedures, following IM8 policies and vulnerability assessment standards.
Handle security incident detection, reporting, and SSL certificate renewals.
- Audit Facilitation:Support and facilitate external auditing processes to ensure compliance with security frameworks.
Technologies & Skills Required:
- OS Administration (Linux/Windows).
- Expertise in security tools, including:IBM Security Verify Access
IBM QRadar
Thales HSM
OpenSSL
Tenable Nessus
Burp Suite Enterprise
Requirements:
- Minimum 2+ years of experience in IT Security.
- Professional certifications such as CISSP, CCSP, CCSK, or equivalent are preferred.
- Proficiency in 1-2 Cyber Security domains, such as Identity Access Management, Security and Risk Management, Application/Network Security, or Vulnerability Management, with a broad understanding of other areas.
EA License number: 11C4879
